France is about to pass the worst surveillance law in the EU.
-
I haven't seen that show, but it sounds like it has a basis in reality: there has been a real concern that quantum computers might be able to break much of current encryption because they are far quicker than classical computers at problems like finding the prime factors of a number, and schemes like RSA encryption depend on that being hard to do. And that could be fairly catastrophic, not only for current communications and for data encrypted at rest, but because communications data can be collected now and decrypted later when the technology becomes available. As far as we know, no one has done it yet, but quantum computers are developing rapidly so the day may well come.
-
Nothing technically stops you. But if the government can prove you have been using Signal, all of a sudden you can be in a lot of trouble. This could be used for political oppression.
-
They do talk about quantum computing in the show in a different context, saying it's still a decade away. Their tech has something to do with Prime numbers (hence the title).
But also several companies already advertise "quantum resistant encryption" for whatever that's worth.
-
I expect many people might read this and think "yep, fair enough, I have nothing to say" and still not understand why either privacy or free speech are valuable.
-
In the same vein, with my family I've been using the analogy of "Imagine that all law enforcement had a key to your home, and they could enter at any time and look through your things, but you wouldn't even know it if they did, or if they took photos or recorded videos of your place to take with them. Their argument is that the only way to keep you and your stuff safe from the bad guys is for the good guys to have access. But because the good guys now have access, it's also easier for the bad guys to get in, because now there's all these extra keys to your home out there, which might fall into the hands of the bad guys."
Not a perfect analogy, but it seems to make them consider the issue from a more personal angle. And for those that argue, "Well, I don't have anything to hide.", I usually counter with "Then why do you close your curtains/blinds when you change your clothes or get out of the shower?" With my dad who grew up during the World War II, it also helped to mention that a law like this, once on the books, will not be easy to overturn, and while he might be fine with our current regime having access to all his data, that might not be the case with future authorities.
-
I don't think the current proposal in France sanctions individuals for using E2EE; it sanctions service providers for providing it.
-
Instead of extra keys, perhaps describe it as weaker locks. Would you consider the lock to which every cop had a key to be as strong and secure as a regular lock? And look at the USA for an instance of a new regime that can potentially use vast amounts of personal data to persecute and oppress anyone the fascists don't like. Many people might have (naively) trusted the government with the surveillance Edward Snowden and others revealed, back when they did not perceive the US Government as an immediate threat to ordinary Americans. But the new regime quite clearly is ready to persecute and punish people for their political views, and it now has all that data.
-
This is yet another way tying accounts to phone numbers can come back to bite you! I guess pulling out means denying registration from the country's numbers as well? So that would mean either a constant additional expense (which might be significant for poor people), or constantly risk getting the account deleted if you tied it to one-time rental.
-
I'm not the person you're replying to, but "weaker locks" feels like something you can make allowances for or work around. "Extra keys" feels like the Damoclean threat that it is.
-
I'm no cryptographer, so take this with a good heap of salt.
Basically, all encryption multiplies some big prime numbers to get the key. Computers are pretty slow at division and finding the right components used to create the key takes a long time, it's basically trial and error at the moment.
If you had an algorithm to solve for prime numbers, you could break any current encryption scheme and obviously cause a lot of damage in the wrong hands. -
That's being too generous. Some may not fully understand, but many do and simply don't care. Not sure if better or worse, but its not entirely lack of understanding.
-
Yep that's kinda how they explained it, too.
-
And the things that are perfectly okay today might be the things you want to hide tomorrow. Abortions and pregnancies, thoughts about labor rights out climate, sexual orientation, ...
-
France always tries to copy the US with a 10y delay so.. Yeah
-
Almost seems like they're afraid of us or something
-
Isn’t Sweden trying something stupid too?
-
Yeah. Also we don't have good guys either, but, that sounds nice.
-
The law is enforceable. If the options you're given is "put a backdoor in your product or stop operating in the country", it'll happen. And even if you reply "then I'll go away", laws like this, stupid, dangerous, breaking everything, will keep popping in one country after another until it's too late.
It not making sense have no bearing on whether it can be enforced or not. And the mere existence of the law may be enough to later put you in hot water if you have some de-facto illegal software on your phone or computer, for example. It would not be automatic everywhere, but another tool to just legally have something against most people.
-
It is possible to do, to some extent. Everything's possible. But then, when people that are on both side of this encryption barrier wants to talk, then both must use unencrypted messages. You'd also have the obvious case of someone having a phone/device/account from country A temporarily crossing through country FuckingFranceOrUK, so what do you do in that case?
You'd need to implement that, add UI features to know if you're using encryption or not, and above all, it's fucking stupid and against what most sane messaging solutions wants to do.
I'm sure it's possible to find people that would gladly do all that. Hopefully those people are not in the business of making all the useful communication services we currently use.
-
not at all arguing this is okay, not even a little
but
If you are the French government, and you know what the French populace has a history of doing to the French government, it would be understandable to be a bit paranoid of them, no?
again. It ain't cool. But I'm honestly surprised they didn't hop on the "intrusive surveillance" bandwagon sooner.
